On 6/4/06, rblythe <[EMAIL PROTECTED]> wrote:
This e-mail is for my learning purposes only. I have not installed openLDAP or Cyrus-SASL, but I would like to. I have been reading everything I could find on the Internet about these two packages, but I can't figure out if I need them for my situation:
Well, you never stated what your "situation" is. To break it down quickly, LDAP is a directory service. It's useful for storing a hierarchy of information. You can store any kind of information you want depending on the type of schema you're using. Cyrus-SASL handles authentication. So, if you link in Cyrus-SASL to OpenLDAP, then the you can use the LDAP client tools to more securely authenticate to an LDAP server. You can also configure Cyrus-SASL to be the authenticating agent for your LDAP server. The client tools work out of the box. You can authenticate to an LDAP server with SASL right away. However, setting up an LDAP server and/or SASL authentication is not trivial in the least. LDAP administration is a sort of voodoo art for many people, and SASL authentication adds another layer of complexity. As an example, I have a Postfix mail server with an LDAP backend that stores information about the users. Communication with the mail client and LDAP server is done over a TLS encrypted channel with Cyrus-SASL handling the authentication. I would have never figured it out on my own, but the Book of Postfix is great (http://www.postfix-book.com/). I don't know if that answers your question. I'm still confused about it, and I've gone over it many times. -- Dan -- http://linuxfromscratch.org/mailman/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
